Does your access control system offer robust cyber security too?

29 Apr 2019

Access control systems are a huge asset for security, offering integrated and intelligent responses to events on site. But the best access control systems guard against cyber as well as physical threats to ensure more robust safety and security for people and places.

Inner Range General Manager Tim Northwood blogs about what to look for in your access control system to ensure you have robust cyber as well as physical security in place.


Secure communications at every interface

Secure communications are paramount for cyber security, whether that’s via in-house private communication networks or between access control system controllers, servers and door modules, or when the core system integrates with third-party products, such as CCTV.

A robust level of end-to-end encryption across all these communications channels and interfaces is vital. Data encryption ensures secure LAN communications at all times and continuous monitoring will detect any fault or attempted module substitution.

Ensuring the communications network is isolated also helps reduce the risk of interception.

Sandboxing

Sandboxing is a software management strategy that isolates applications, such as your access control system, from critical system resources and other programs, such as other products integrated with your core access control system. It provides an extra layer of security that prevents malware or harmful applications from negatively affecting your access control system.

Without sandboxing, an application may have unrestricted access to all system resources and user data on a computer. A sandboxed app, on the other hand, can only access resources in its own ‘sandbox’. An application’s sandbox is a limited area of storage space and memory that contains the only resources the program requires. If a program needs to access resources or files outside its sandbox, permission must be explicitly granted.

Reduce the risk of module substitution

Where a higher than normal level of security is required, you should ensure devices connected to the access control system have their own MAC addresses to help guard against cyber security breaches. This measure prevents module substitution. For example, if an attacker attempted to replace devices for others with lesser level of performance, the system would alert operators to the unauthorised change.

Create a stable network with failover protocols

Ensuring your system is ‘always on’ is another key element to reducing the risk of cyber breaches in vulnerable down-time. A security system should offer high availability with an IP network that runs multiple instances of itself – at the same time – across multiple nodes or servers at local, national and global levels. Solutions such as database failover clustering means it will auto-connect to available nodes when necessary and ensure there is no compromise to the system.

Fine grain permissions for users

Security systems that allow ‘fine grain’ tailoring for permissions and protocols offer better protection from would-be hackers. For example, systems that allow you to create completely bespoke access credentials for each member of staff and visitor ensure they can only access the correct areas and systems.

Forensic audit trail and roll-back 

Systems offering a full forensic audit trail are vital for robust cyber security. Forensic audit reports cover every single action and engagement with the access control system and can be reported at local, national or global levels. This means security managers can see exactly who has done what to the system and when. A good audit trail system should have the ability to ‘roll-back’ changes made to system programming by any person or entity at a specific date and time. This means, for example, changes made by a ‘rogue’ operator can be undone in one action and the system programming rolled back to exclude these changes.

For information on how Inner Range’s intelligent integrated access control and intruder detection systems can help you, please contact 0845 470 500 or email ireurope@innerrange.co.uk

Units 10 & 11, Theale Lakes Business Park
Moulden Way
Sulhamstead
RG7 4GB
Reading, Berkshire
United Kingdom

Follow:
Twitter   YouTube

See Anixter Limited t/a Inner Range at IFSEC International 2020

Anixter Limited t/a Inner Range will be exhibiting on Stand IF1730 at IFSEC International 2020, 19-21 May, ExCeL, London, UK

SCHEDULE MEETING
Integriti Encrypted High Security
Product

Integriti Encrypted High Security

Integriti Encrypted High Security is an integrated access control and security system, offering end-to-end encryption to 128 bit, with Mac authentication. Integriti Encrypted High Security will be particularly attractive to organisations that are of critical importance to national inf...

View product page

Integriti
Product

Integriti

View product page

Inception - New product preview
Product

Inception - New product preview

Web powered security from Inner Range

Inception is Inner Range’s first browser-based security and access control system. Despite being designed as an entry-level product,  Inception still includes much functionality of Inner Range’s integrated security management system, Integr...

View product page

SIFER RS-485 Smart Card Reader
Product

SIFER RS-485 Smart Card Reader

The SIFER card reader is a Smart Card reader designed and manufactured by Inner Range. It is a multi-drop RS-485 based reader that employs 128 bit AES encryption from the card through to the door module, providing a far superior level of security than that of traditional Wiegand based card readers. SIFER read...

View product page

The Integriti Prisma Keypad
Product

The Integriti Prisma Keypad

View product page

Inner Range Training Centre
Product

Inner Range Training Centre

The Inner Range Training Centre offers a complete, competency based training strategy for installers and Integrators of our products. Our Training Centre offers a comprehensive range of training courses and modules to actively raise the levels of skill, knowledge and professionalism of our accredited installe...

View product page

List your business for free

Create a business listing on the UK's leading security and fire directory

Get the IFSEC Global newsletter

The latest security and fire news, trends and insights

Close
FOR MORE INFORMATION CONTACT ANIXTER LIMITED T/A INNER RANGE
* Oops!
* Oops!
* Oops!
* Oops!
* Oops!
I have read, understood and consent to your Privacy Policy
* sorry this is a required field
MESSAGE SENT!

Thanks for using IFSEC Global Directory,

Your enquiry has been sent to the selected companies, they will be in contact shortly.